Group key server based key management method in sharing encryption file system |
Title: |
Group key server based key management method in sharing encryption file system |
|
Application Number: |
200710177068 |
Application Date: |
2007/11/09 |
Announcement Date: |
2008/04/09 |
Pub. Date: |
|
Publication Number: |
101159556 |
Announcement Number: |
|
Grant Date: |
|
Granted Pub. Date: |
|
ApplicationType: |
Invention |
State/Country: |
11[China|beijing] |
IPC: |
H04L 9/32, H04L 29/06, H04L 12/56 |
Applicant(s): |
Tsinghua University |
Inventor(s): |
Shu Jiwu, Xue Wei, Liu Zhicai, Xiao Da |
Key Words: |
Group key server, key management method, sharing encryption file system |
Abstract: |
The invention provides a key server-based key management method in an encrypting file system and belongs to the filed of storage safety. The invention is characterized in that a group key server processes each key management request in the system and performs strict check for user identification and access authority; a user terminal sends a key operation request to the group key server; the organized key information, based on extended access control list, comprises a file key, a user ID and an access authority; the group key server protects the confidentiality and integrity thereof by using the privacy key itself; the user terminal realizes the key cache function and reduces the frequency of communication with the group key server; the system can cancel the key by using the delay encryption technique, postpone the time of file re-encryption until the file content is updated, and minimize the influence of key cancel operation on the system performance. |
Claim: |
|
Priority: |
|
PCT: |
|
LegalStatus: |
|